Issue

I want to understand how Zoom handles WSU user data, including Zoom Phone data.

Solution

The following sections describe how WSU Zoom ensures user data is secure.

This webpage shows the acceptable use for Zoom, as well as other cloud services, at WSU: 
WSU Cloud Acceptable Use Matrix 

Zoom's Legal Resources:

Data Center Selection and Data Routing: Zoom offers administrators the ability to select specific data center regions for processing real-time meeting and webinar data. This setting ensures that data does not traverse or get stored in data centers outside the selected region, thereby aligning with data residency requirements.

  • WSU Zoom Utilizes Only U.S. Data Centers: All in-meeting and in-webinar data in transit will be processed exclusively within the United States.
    Read more about Zoom's Data Center Options

Data Security Measures: Zoom employs robust security protocols to safeguard user data:

  • Encryption: All data in transit between Zoom clients and servers is encrypted using TLS 1.2, and data at rest is secured with 256-bit Advanced Encryption Standard (AES) encryption.
    Read more about Zoom's Data Encryption
  • Access Controls: Zoom provides features such as meeting passwords, waiting rooms, and host controls to manage participant access and enhance security.
    Read more about Zoom - Securing Your Meeting

FERPA Compliance: FERPA mandates the protection of students' educational records. Zoom complies with FERPA by:

  • Acting as a School Official: Under FERPA, Zoom is considered a "school official" with a legitimate educational interest, allowing it to receive Personally Identifiable Information (PII) through contractual agreements with educational institutions.
    Read Zoom's FERPA Guide

HIPAA Compliance: For institutions handling Protected Health Information (PHI), HIPAA compliance is crucial. Zoom supports HIPAA compliance through:


Need Help? You can submit a ticket from our Jira service desk: WSU Zoom Service Desk